<?php
$arr=$_POST;
$pwd=md5($arr['old_pwd']);//加密
$dbh=new PDO('mysql:host=localhost;dbname=gaofei','root','root');
$sql="select * from zc where username='{$arr['username']}' and pwd='$pwd'";
//echo $sql;die;
$users=$dbh->query($sql)->fetch(PDO::FETCH_ASSOC);
if($users)
{
    $new_pwd=md5($arr['new_pwd']);
    $status=$arr['status'];
    $update="update zc set pwd='$new_pwd' where id={$users['id']}";
    $dbh->exec($update);
    header('location:show.php');
}
